DETAILED ACTION

This is in response to a letter for patent filed on October 16th, 2000 in which claims 1-68 are
presented for examination. Claims 1-68 are pending in the letter. 



Claim Objections 

1. Claim 18 is objected to because of the following informalities: Applicant discloses "the
postal indicium." Applicant is advised to replace "the" by "a" in order to overcome examiner's
objection.

Double Patenting 

2. The nonstatutory double patenting rejection is based on a judicially created doctrine 
grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or 
improper timewise extension of the "right to exclude" granted by a patent and to prevent possible 
harassment by multiple assignees. See In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed.
Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 
F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 
1970); and, In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969). 

A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) may be used to
overcome an actual or provisional rejection based on a nonstatutory double patenting ground 
provided the conflicting application or patent is shown to be commonly owned with this 
application. See 37 CFR 1.130(b). 

Effective January 1, 1994, a registered attorney or agent of record may sign a terminal 
disclaimer. A terminal disclaimer signed by the assignee must fully comply with 37 
CFR 3.73(b). 

3. Claims 1-56 are rejected under the judicially created doctrine of obviousness-type double 
patenting as being unpatentable over claims 72-120 of U.S. Patent No. 09/690,083. Although the 
conflicting claims are not identical, they are not patentably distinct from each other because they 
both define inventions that are obvious variations of each other and achieving the same end 
result. Accordingly, it would have been obvious to those in possession of the inventive concept 
disclosed in claims 1-56 are already included in the inventive concept disclosed in claims 72-120
of copending application 09/690,083. Furthermore, one of ordinary skill in the art at the time the 
invention was made would have realized the substitution of "a computer executable code for 
authenticating one or more users and verifying that the authenticated user is authorized to 
assume a role" by "a state machine for determining a state corresponding to one or more 
commands available to an authenticating user" in claim 1, 30 and claim 72, 104 of the 
copending application are obvious expedient since the remaining element are defined in the 
claims. In re Karlson, 136 USPQ 184 (CCPA 1963). 

4. Claims 57-68 are rejected under the judicially created doctrine of obviousness-type 
double patenting as being unpatentable over claims 1-41 of U.S. Patent No. 09/690,083 and 1-40 
of application No. 09/688,456. Although the conflicting claims are not identical, they are not 
patentably distinct from each other because they both define inventions that are obvious 
variations of each other and achieving the same end result. Accordingly, it would have been 
obvious to those in possession of the inventive concept disclosed in claims 57-68 are already 
included in the inventive concept disclosed in claims 1-41 of copending application 09/688,456. 
Furthermore, one of ordinary skill in the art at the time the invention was made would have 
realized the omission of "that the user is authorized to assume a role" in claim 1 of application 
the copending application 09/688,456 and the substitution "that the user is authorized to assume 
a role" by "a state machine for determining a state corresponding availability of one or more 
commands" in claim 1 of the copending application 09/690,083 are obvious expedient since the 
remaining elements are defined in the claims. In re Karlson, 136 USPQ 184 (CCPA 1963). 

5. This is a provisional obviousness-type double patenting rejection because the conflicting
claims have not in fact been patented. 

Claim Rejections - 35 USC §103 

6. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

7. Claims 1-68 are rejected under 35 U.S.C. 103(a) as being unpatentable over by 
Whitehouse (U.S. Patent No. 6,005,945) in view of Leon (U.S. Patent No. 6,424,954). 

8. As per claim 1, Whitehouse teaches a security system (secure central computer, 102) for 
securing data in a computer network (network 100, fig 3, 4, 7) comprising a plurality of user 
terminals (customer, user, 102) coupled (connected) to the computer network, a cryptographic 
device (cryptographic key) remote from the plurality of user terminals and coupled to the 
computer network, a plurality of security device transaction data for ensuring authenticity of the 
one or more users, wherein each security device transaction data is related to a user (see fig 3, 4 
and 7, column 8 line 30-9 line 63). Whitehouse fails to teach a cryptographic device includes a 
computer executable code for authenticating one or more users and verifying that the 
authenticated user is authorized to assume a role. However Leon teaches a cryptographic device 
includes a computer executable code for authenticating one or more users and verifying that the 
authenticated user is authorized to assume a role (see column 8 lines 45-67, 9 lines 20-27). 
Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention
was made to modify Whitehouse's inventive concept to include Leon's cryptographic device
includes a computer executable code for authenticating one or more users and verifying that the 
authenticated user is authorized to assume a role because this would have provided knowledge to 
the system as to which entity is using the system in order to determine which key to load unto 
system and which level of security is applicable. 

9. As per claim 2, Whitehouse teaches a system wherein the security device transaction data 
related to a user is loaded into the cryptographic device when the user requests to operate on a 
value bearing item (see column 9 line 32-63).

10. As per claim 3, Whitehouse teaches the claim inventive concept stated in claim 1.
Whitehouse fails to teach a system wherein the assumed role includes one or more corresponding 
operations to be performed by the authenticated user. However, Leon teaches a system wherein 
the assumed role includes one or more corresponding operations to be performed by the 
authenticated user (see column 8 lines 45-62, 9 lines 20-27, 35-67). Therefore, it would have
been obvious to one of ordinary skill in that art at the time the invention was made to modify 
Whitehouse's inventive concept to include Leon's system wherein the assumed role includes one 
or more corresponding operations to be performed by the authenticated user because this would 
have provided knowledge to the system as to which entity is using the system in order to 
determine which key to load unto system and which level of security is applicable. 

11. As per claim 4-10, Whitehouse teaches the claim inventive concept
stated in claim 1. Whitehouse fails to teach a system wherein the assumed role is a security
officer role to initiate a key management function, a key custodian role to take possession of
shares of keys, an administrator role to manage a user access control database, an auditor role to 
manage audit logs, a provider role to withdraw from a user account, a user role to operate on a 
VBI, a certificate authority role to allow a public key certificate to be loaded and verified. 
However, Leon teaches a system wherein the assumed role is a security officer role to initiate a 
key management function, a key custodian role to take possession of shares of keys, an 
administrator role to manage a user access control database, an auditor role to manage audit logs, 
a provider role to withdraw from a user account, a user role to operate on a VBI, a certificate 
authority role to allow a public key certificate to be loaded and verified (see column 8 lines 45-9 
line 67). Therefore, it would have been obvious to one of ordinary skill in that art at the time the 
invention was made to modify Whitehouse's inventive concept to include Leon's system wherein 
the assumed role is a security officer role to initiate a key management function, a key custodian 
role to take possession of shares of keys, an administrator role to manage a user access control 
database, an auditor role to manage audit logs, a provider role to withdraw from a user account, a 
user role to operate on a VBI, a certificate authority role to allow a public key certificate to be 
loaded and verified because this would have provided knowledge to the system as to which 
entity is using the system in order to determine which key to load unto system and which level of 
security is applicable. 

12. As per claim 11-14, 16, Whitehouse teaches the inventive concept as stated in claim 1. 
Whitehouse fails to teach a system wherein the cryptographic device includes a state machine for 
determining a state corresponding to availability of one or more commands in conjunction with 
the role, stateless, includes a computer executable code for preventing unauthorized modification 
of data, for ensuring the proper operation of cryptographic security and VBI related meter
functions, for supporting multiple concurrent users and maintaining a separation of roles and 
operations performed by each user. However, Leon teaches a system wherein the cryptographic 
device includes a state machine for determining a state corresponding to availability of one or 
more commands in conjunction with the role, stateless, includes a computer executable code for 
preventing unauthorized modification of data, for ensuring the proper operation of cryptographic 
security and VBI related meter functions, for supporting multiple concurrent users and 
maintaining a separation of roles and operations performed by each user (see column 8 lines 45-
9 line 67). Therefore, it would have been obvious to one of ordinary skill in the art at the time 
the invention was made to modify Whitehouse's inventive concept to include Leon's system 
wherein the cryptographic device includes a state machine for determining a state corresponding 
to availability of one or more commands in conjunction with the role, stateless, includes a 
computer executable code for preventing unauthorized modification of data, for ensuring the 
proper operation of cryptographic security and VBI related meter functions, for supporting 
multiple concurrent users and maintaining a separation of roles and operations performed by 
each user because this would have provided knowledge to the system as to which entity is using 
the system in order to determine which key to load unto system, which state to operate the 
system and which level of security is applicable. 

13. As per claim 15, Whitehouse teaches a system wherein at least one of the users is an 
enterprise account (see column 23 line 41-67).

14. As per claim 17-18, Whitehouse teaches a system wherein the value bearing item is a
mail piece comprises a digital signature (fig 2). 

15. As per claim 19 and 20, Whitehouse teaches a system wherein the cryptographic device 
encrypts validation information according to a user request for printing a VBI, generates data 
sufficient to print a postal indicium in compliance with postal service regulation on the mail 
piece (fig 2). 

16. As per claim 21 and 22, Whitehouse teaches a system wherein bar code is printed on the 
value bearing item that is a ticket (fig 2). 

17. As per claim 23 and 24, Whitehouse teaches a system wherein each security device 
transaction data includes an ascending register value, a descending register value, a respective 
cryptographic device ID, an indicium key certificate serial number, a licensing ZIP code, a key
token for an indicium signing key, user secrets, a key for encrypting user secrets, data and time 
of last transaction, last challenge received from a respective client subsystem, an operational 
state of the respective device, expiration dates for keys, and a passphrase repetition list, a private 
key, a public key, and a public key certificate, wherein the private key is used to sign device 
status responses and a VBI which, in conjunction with a public key certificate, demonstrates that 
the device and the VBI are authentic (see column 10 line 45-11 line 29, 20 line 16-40).

18. As per claim 25, Whitehouse teaches a system further comprising at least one more 
cryptographic device remote from the plurality of user terminals coupled to the computer 
network, wherein the at least one more cryptographic device includes a computer executable
code for authenticating any of the plurality of users (see figs 4, and 7).

19. As per claim 26, Whitehouse teaches a system wherein the cryptographic device shares a 
secret with the at least one more cryptographic device (see column 8 lines 30-42, 9 lines 12-31,
10 lines 50-11 line 29, 12 lines 35-64). 

20. As per claim 27-29, Whitehouse teaches a system wherein one of the plurality of 
cryptographic devices is a master device and generates a master key set (MKS) includes a Master 
Encryption Key (MEK) used to encrypt keys when stored outside the device and a Master 
Authentication Key (MAK) used to compute a DES MAC for signing keys when stored outside 
of the device exported to other cryptographic devices by any cryptographic device (see column 4
line 20-27, 16 lines 39-44, 23 lines 41-67). 

21. As per claim 30, Whitehouse teaches a method for securing data (secure computer, 104,
for securing data) in a computer network (network, 100, fig 3 and 4) having a plurality of user
terminals (user, 102), the method comprising storing (memory for storing, 154) information
(user data) about a plurality of users using the plurality of terminals in a database remote from
the plurality of securing the information about the users in the database by one or more of
cryptographic devices (cryptographic keys) remote from the plurality of user terminals, storing a
plurality of security device transaction data (transaction data), wherein each transaction data is
related to one of the plurality of users. Whitehouse fails to teach verifying that a user is
authorized to assume a role. However Leon teaches verifying that a user is authorized to assume
a role (see column 8 lines 45-67, 9 lines 20-27). Therefore, it would have been obvious to one of
ordinary skill in the art at the time the invention was made to modify Whitehouse's inventive
concept to include Leon's verifying that a user is authorized to assume a role because this would 
have provided knowledge to the system as to which entity is using the system in order to 
determine which key to load unto system and which level of security is applicable. 

22. As per claim 31, Whitehouse teaches a method of loading a security device transaction 
data related to a user into one of the one or more of cryptographic devices when the user requests 
to operate on a value bearing item (see column 9 line 32-63). 

23. As per claim 32-40, Whitehouse teaches the inventive concept as stated in claim 1. 
Whitehouse fails to teach a method of authenticating the identity of each user, verifying that the 
user is authorized to perform a corresponding operation based on the assumed role wherein the 
assumed role is a security officer role and the corresponding command is initiating a key 
management function, a key custodian role to take possession of shares of keys, an administrator 
role to manage a user access control database, an auditor role to manage audit logs, a provider 
role to authorize increasing credit for a user account, a user role to perform expected IBIP meter
operation, a certificate authority role to allow a public key certificate to be loaded and verified. 
However Leon teaches a method of authenticating the identity of each user, verifying that the 
user is authorized to perform a corresponding operation based on the assumed role wherein the 
assumed role is a security officer role and the corresponding command is initiating a key 
management function, a key custodian role to take possession of shares of keys, an administrator 
role to manage a user access control database, an auditor role to manage audit logs, a provider 
role to authorize increasing credit for a user account, a user role to perform expected IBIP meter
operation, a certificate authority role to allow a public key certificate to be loaded and verified
(see column 8 lines 45-9 line 67). Therefore, it would have been obvious to one of ordinary
skill in the art at the time the invention was made to modify Whitehouse's inventive concept to
include Leon's a method of authenticating the identity of each user, verifying that the user is 
authorized to perform a corresponding operation based on the assumed role wherein the assumed 
role is a security officer role and the corresponding command is initiating a key management 
function, a key custodian role to take possession of shares of keys, an administrator role to 
manage a user access control database, an auditor role to manage audit logs, a provider role to 
authorize increasing credit for a user account, a user role to perform expected IBIP meter
operation, a certificate authority role to allow a public key certificate to be loaded and verified 
because this would have provided knowledge to the system as to which entity is using the system 
in order to determine which key to load unto system, which state to operate the system and which 
level of security is applicable. 

24. As per claim 41, Whitehouse teaches the inventive concept as stated in claim 1. 
Whitehouse fails to teach a method of determining a state corresponding to availability of one or 
more commands in conjunction with the roles. However, Leon teaches a method of determining 
a state corresponding to availability of one or more commands in conjunction with the roles (see 
column 8 lines 45-62, 9 lines 35-67). Therefore, it would have been obvious to one of ordinary 
skill in the art at the time the invention was made to modify Whitehouse's inventive concept to 
include Leon's a method of determining a state corresponding to availability of one or more 
commands in conjunction with the roles this would have provided knowledge to the system as to 
which entity is using the system in order to determine which level of security is applicable. 





Application/Control Number: 09/688,452
Art Unit: 3621

25. As per claim 43, Leon teaches a method wherein the state machine includes one or more 
of an uninitialized state, an initialized state, an operational state, an administrative state, an 
exporting shares state, an importing shares state, and an error state (see column 9 lines 59-67). 

26. As per claim 44, Whitehouse teaches a method of storing data for creating an indicium, 
account maintenance, and revenue protection (see figs 4 and 7). 

27. As per claim 45-47, Whitehouse teaches a method of printing a mail piece includes a 
digital signature, a postage amount, an ascending register of used postage and descending 
register of available postage (see abstract, column 16 lines 25-38). 

28. As per claim 48, 49, Whitehouse teaches a method of printing a ticket, a coupon (see fig
2).

29. As per claim 50, Whitehouse teaches a method wherein the security device transaction
data includes an ascending register value, a descending register value, a respective cryptographic
device ID, an indicium key certificate serial number, a licensing ZIP code, a key token, an
indicium signing key, user secrets, a key for encrypting user secrets, data and time of last
transaction, last challenge received from a respective client subsystem, an operational state of the
respective device, expiration dates for keys, and a passphrase repetition list (see column 8 lines
30-42, 9 lines 12-31, 10 lines 50-11 line 29, 12 lines 35-64).

30. As per claim 51, Whitehouse teaches a method of using a private key to sign device
status responses and the VBI which, in conjunction with a public key certificate, demonstrates
that the device and the VBI are authentic (see column 9 line 32-63).

31. As per claim 52, Whitehouse teaches a method of sharing a secret with any of the other 
devices (see column 9 line 32-63).

32. As per claim 53-56, Whitehouse teaches a method of generating a master key set (MKS), 
generating a Master Encryption Key (MEK) used to encrypt keys when stored outside the device, 
Master Authentication Key (MAK) used to compute a DES MAC for signing keys when stored 
outside of the device and performing one or more of Rivest, Shamir and Adleman (RSA) public 
key encryption, DES, Triple-DES, DSA signature, SHA-1, and Pseudo-random number 
generation algorithms by each of the cryptographic devices (see column 4 line 20-27, 16 lines
39-44, 23 lines 41-67). 

33. As per claim 57, Whitehouse teaches a cryptographic device (secure central computer,
102) for securing data (postal information) on a computer network (network 100, fig 3, 4)
comprising a processor (postal authority computer for processing, 180) programmed to
authenticate (authenticate) a plurality of users (users, 104) on the computer network (network
100, fig 3, 4) for secure processing of a value bearing item (postal indicium, fig 2) (see abstract,
figs 2, 3, 4), a memory (memory, 154) for storing (stores) security device transaction data
(records) for ensuring authenticity of a user, wherein the security device transaction data is
related to the one of the plurality of users, a cryptographic engine (cryptographic key) for
cryptographically protecting data and an interface (interface, 152, 112, 252) for communicating
with the computer network (see abstract, fig 4, 7, column 8 lines 54-8 line 63). Whitehouse fails
to teach a system wherein to determine that user is authorized to assume a role. However Leon
teaches a system wherein to determine that user is authorized to assume a role (see column 8
lines 45-67, 9 lines 20-27). Therefore, it would have been obvious to one of ordinary skill in the 
art at the time the invention was made to modify Whitehouse's inventive concept to include 
Leon's a system wherein to determine that user is authorized to assume a role because this would 
have provided knowledge to the system as to which entity is using the system in order to 
determine which key to load unto system and which level of security is applicable. 

34. As per claim 58-62, Whitehouse teaches the inventive concept stated in claim 1. 
Whitehouse fails to teach a cryptographic device wherein the processor is programmed to 
verify that the identified user is authorized to assume a role of a key custodian role to take 
possession of shares of keys, an administrator role to manages a user access control database, a 
provider role to authorize increasing credit for a user account or a user role to perform 
expected IBIP postal meter operations and perform a corresponding operation. However, Leon 
teaches a cryptographic device wherein the processor is programmed to verify that the 
identified user is authorized to assume a role of a key custodian role to take possession of 
shares of keys, an administrator role to manages a user access control database, a provider role 
to authorize increasing credit for a user account or a user role to perform expected IBIP postal 
meter operations and perform a corresponding operation (see column 8 lines 45-9 line 67).
Therefore, it would have been obvious to one of ordinary skill in the art at the time the 
invention was made to modify Whitehouse's inventive concept to include Leon's a 
cryptographic device wherein the processor is programmed to verify that the identified user is 
authorized to assume a role of a key custodian role to take possession of shares of keys, an 
administrator role to manages a user access control database, a provider role to authorize 
increasing credit for a user account or a user role to perform expected IBIP postal meter
operations and perform a corresponding operation because this would have provided knowledge 
to the system as to which entity is using the system in order to determine which level of security 
is applicable. 

35. As per claim 63-65, Whitehouse teaches a cryptographic device further comprising a 
stored secret that is a password, a public/private key for cryptographically protecting data (see 
column 8 lines 30-42, 9 lines 12-31, 10 lines 50-11 line 29, 12 lines 35-64). 

36. As per claim 66, Whitehouse teaches a cryptographic device wherein the value bearing 
item is a postage value including a postal indicium (see abstract, column 16 lines 25-38). 

37. As per claim 67-68, Whitehouse teaches a cryptographic device wherein the value 
bearing item that include a bar code is a ticket (fig 2). 

Conclusion

38. The prior art made of record and not relied upon is considered pertinent to applicant's
disclosure.

a. Cordey et al (U.S. Patent No. 6,466,921) teach a virtual postage metering system
provides central management of all postage without the need to manage physical meters
or PSDs.

b. Amanda (U.S. Patent No. 6,385,731) teaches on-line electronic postage metering
system that operates in conjunction with the United States Postal Service (USPS) that
allows a user to print a postal indicium at home, at office, or any other desired place in a
secure and fraud-free manner. A user computer and a user printer, electronically
connected to the PSD server and the USPS computer, constitute an on-line electronic
postage meter.

c. Kara et al (U.S. Patent No. 6,249,777) teach a demand program that may be
coupled to a word processing program, or other process, residing within the first PC,
thus allowing the user to request and subsequently print the postage indicia on
correspondence or postal items generated by the coupled process.

d. Leon (U.S. Patent No. 6,381,589) teaches a secure processing unit interfaces with
the local computer and performs the secure processing normally associated with a secure
postal environment.

Any inquiry concerning this communication or earlier communications from the
examiner should be directed to Firmin Backer whose telephone number is (703) 305-0624. The
examiner can normally be reached on Mon-Thu 8:30-6:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, James Trammell can be reached on (703) 305-9768. The fax phone numbers for the 
organization where this application or proceeding is assigned are (703) 305-7687 for regular 
communications and (703) 305-7687 for After Final communications. 

Any inquiry of a general nature or relating to the status of this application or proceeding 
should be directed to the receptionist whose telephone number is (703) 308-1113.

Firmin Backer 
Examiner 
Art Unit 3621 



March 17, 2003 